Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
10692
Total
727
Critical
3080
High
3407
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-6984 | MEDIUM | 4.7 | A security flaw has been discovered in AstrBotDevs AstrBot up to 4.22.1. This affects the function create_template of the file astrbot/dashboard/routes/t2i.py of the component Dashboard … | Apr 25, 2026 |
| CVE-2026-6983 | MEDIUM | 4.7 | A vulnerability was identified in pagekit up to 1.0.18. Affected by this issue is some unknown functionality of the file /index.php/admin/system/update/download. The manipulation of the … | Apr 25, 2026 |
| CVE-2026-6982 | MEDIUM | 6.3 | A vulnerability was determined in star7th ShowDoc up to 2.10.10/3.6.2/3.8.0. Affected by this vulnerability is an unknown functionality of the file server/Application/Api/Controller/PageController.class.PHP of the component … | Apr 25, 2026 |
| CVE-2026-6981 | MEDIUM | 6.3 | A vulnerability was found in IhateCreatingUserNames2 AiraHub2 up to 3e4b77fd7d48ed811ffe5b8d222068c17c76495e. Affected is the function connect_stream_endpoint/sync_agents of the file AiraHub.py of the component Endpoint. Performing a … | Apr 25, 2026 |
| CVE-2026-6980 | HIGH | 7.3 | A vulnerability has been found in Divyanshu-hash GitPilot-MCP up to 9ed9f153ba4158a2ad230ee4871b25130da29ffd. This impacts the function repo_path of the file main.py. Such manipulation of the argument … | Apr 25, 2026 |
| CVE-2026-6979 | MEDIUM | 6.3 | A flaw has been found in devlikeapro WAHA up to 2026.3.4. This affects an unknown function of the file src/api/media.controller.ts of the component API Request … | Apr 25, 2026 |
| CVE-2026-6978 | MEDIUM | 4.7 | A vulnerability was detected in JiZhiCMS up to 2.5.6. The impacted element is the function htmlspecialchars_decode of the file /index.php/admins/Sys/addcache.html. The manipulation of the argument … | Apr 25, 2026 |
| CVE-2026-6977 | HIGH | 7.3 | A security vulnerability has been detected in vanna-ai vanna up to 2.0.2. The affected element is an unknown function of the component Legacy Flask API. … | Apr 25, 2026 |
| CVE-2026-31685 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: ip6t_eui64: reject invalid MAC header for all packets `eui64_mt6()` derives a modified EUI-64 from … | Apr 25, 2026 |
| CVE-2026-31684 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: net: sched: act_csum: validate nested VLAN headers tcf_csum_act() walks nested VLAN headers directly from skb->data … | Apr 25, 2026 |
| CVE-2026-31683 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: batman-adv: avoid OGM aggregation when skb tailroom is insufficient When OGM aggregation state is toggled … | Apr 25, 2026 |
| CVE-2026-31682 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: bridge: br_nd_send: linearize skb before parsing ND options br_nd_send() parses neighbour discovery options from ns->opt[] … | Apr 25, 2026 |
| CVE-2026-31681 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_multiport: validate range encoding in checkentry ports_match_v1() treats any non-zero pflags entry as the … | Apr 25, 2026 |
| CVE-2026-31680 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: net: ipv6: flowlabel: defer exclusive option free until RCU teardown `ip6fl_seq_show()` walks the global flowlabel … | Apr 25, 2026 |
| CVE-2026-31679 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: openvswitch: validate MPLS set/set_masked payload length validate_set() accepted OVS_KEY_ATTR_MPLS as variable-sized payload for SET/SET_MASKED actions. … | Apr 25, 2026 |
| CVE-2026-31678 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: openvswitch: defer tunnel netdev_put to RCU release ovs_netdev_tunnel_destroy() may run after NETDEV_UNREGISTER already detached the … | Apr 25, 2026 |
| CVE-2026-31677 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - limit RX SG extraction by receive buffer budget Make af_alg_get_rsgl() limit each … | Apr 25, 2026 |
| CVE-2026-31676 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: rxrpc: only handle RESPONSE during service challenge Only process RESPONSE packets while the service connection … | Apr 25, 2026 |
| CVE-2026-31675 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_netem: fix out-of-bounds access in packet corruption In netem_enqueue(), the packet corruption logic uses … | Apr 25, 2026 |
| CVE-2026-31674 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check() Reject rt match rules whose addrnr exceeds IP6T_RT_HOPS. … | Apr 25, 2026 |
| CVE-2026-31673 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: af_unix: read UNIX_DIAG_VFS data under unix_state_lock Exact UNIX diag lookups hold a reference to the … | Apr 25, 2026 |
| CVE-2026-6951 | CRITICAL | 9.8 | Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution (RCE) due to an incomplete fix for [CVE-2022-25912](https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-3112221) that blocks the -c … | Apr 25, 2026 |
| CVE-2026-6175 | UNKNOWN | — | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | Apr 24, 2026 |
| CVE-2026-42171 | HIGH | 7.8 | NSIS (Nullsoft Scriptable Install System) 3.06.1 before 3.12 sometimes uses the Low IL temp directory when executing as SYSTEM, allowing local attackers to gain privileges … | Apr 24, 2026 |
| CVE-2026-41488 | LOW | 3.1 | LangChain is a framework for building agents and LLM-powered applications. Prior to 1.1.14, langchain-openai's _url_to_size() helper (used by get_num_tokens_from_messages for image token counting) validated URLs … | Apr 24, 2026 |